SQL injection is a technique for exploiting web applications that use client-supplied data in SQL queries, but without first stripping potentially harmful characters. Checking for SQL Injection vulnerabilities involves auditing your web applications and the best way to do it is by using automated SQL Injection Scanners. Security-Hacks.com compiled a list of free SQL Injection Scanners. I really enjoy reading the article.
Reference : Pinal Dave (https://blog.sqlauthority.com)